Just had a major issue when using both ws sessions and authentication
with jboss as. The first call on a session worked, but the second
method came from the ws on another thread so the jboss
securityassociation was lost. I have hacked a simple solution into
EJBProvider which looks up the home again (or just do a IC.rebind and
cause reauthentication) and creates a securityassociation local on the
current thread. The second call works from there.
Warren Crossing wrote:
I use axis1-4 for ws based auth and session management, this ties
directly into my sessionbean using the providers and handlers from axis1-4.
If the context has a session then it talks to the same session bean
serviceobject. If the context has credentials then they are passed into
jni to look up the ejb service object.
What I hope get from this architecture is container based transaction
and security support without exposing transactions or neccessarily
security through the wsdl. I could add another handler to map security
etc..
I noticed when the session is reaped on timeout that remove() is not
called on the session bean. I might clone EJBProvider and implement
ServiceLifecycle so I can call remove() on the destroy() event.
So why go to this effort in architecture to essentially pass the buck to
the next component? I am essentially exposing a call-control sip stack
through the ws. I have no place to do any core logic, or event routing,
in the ws layer or in the stack as they both maintain session state and
transactions in completley different ways, ie cookies and dialogs.
What I really want is a transactional context to say "detect the call
has ended ! debit close the session and modify some database state,
handle failure case, make endpoint callbacks etc" which I can't get from
the sip stack (aka black box) and don't trust the web server to do
(reliably).
Another reason is I automagically get pooling of service objects. Sure I
have to authenticate twice a session, once in the ws and once in jni -
ejb, but I don't have to worry about dos and cross host usage. I don't
really need session failover but that's another point for the ejb
container (if supported).
I also get ejb timers facility and concurrency and synchronization. So I
think its a win for coupling the two architectures togeather.
IMHO WS is not an application framework it's just another
remoting/messaging technology primarily for .NET and monkey JEE interop.
Otherwise why not just use IIOP? It's much faster! =)
Interested in your feedback.
[EMAIL PROTECTED] wrote:
Hi, axis 1 & 2 work in a J2EE environment
Michel Lequim
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Andrew Lindley
Sent: Friday, June 16, 2006 11:54 AM
To: axis-user@ws.apache.org
Subject: [AXIS2] J2EE Support
I was just wondering, why neither AXIS, nor AXIS2 do support J2EE - is
this correct?
JBoss e.g. has this feature.
Is this information correct?
thanks,
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]